<?
if(!defined ('U_MOD'))
{
	echo"<meta http-equiv='refresh' content='0;url=/index.php'>";
	exit;
}
include 'topmenu.php';

$avialable_langs = explode(",", $option['avialable_langs']);
$avialable_langs_desc = explode(",", $option['avialable_langs_desc']);


$showForm=1;

if (!isset($FormError))
{
	$i=0;
	$FormError=array();
}

if (isset($act) && ($act==1 || $act==2))
{
	if ($act==1)
	{
		$ActionUrl=1;  $ActionButton=_ADDNEW_;
		$queryRightCheck="SELECT right_value FROM ".$PortalPref."right WHERE right_value='".$urcode."'";
	}
	if ($act==2)
	{
		$ActionUrl=2;  $ActionButton=_EDITE_; $midActionUrl='&rid='.$rid;
		$queryRightCheck="SELECT right_value FROM ".$PortalPref."right WHERE right_id='".$rid."'";
	}

	if ($act==1 || $act==2)
	{
		$queryRightCheck=mysql_query($queryRightCheck);
		if (mysql_num_rows($queryRightCheck)!=0 && $act==1)
		{
			$FormError[$i]=_RIGHT_EXIST_;
			$i++;
		}elseif(mysql_num_rows($queryRightCheck)==0 && $act==2)
		{
			$FormError[$i]=_NO_RIGHT_FOR_EDITE_;
			$i++;
			$showForm=0;
			echo"<meta http-equiv='refresh' content='2;url=/admin.php?amk=".$amk."'>";
		}else
		{
			if ($act==2 && (!isset($rid) || !is_numeric($rid)))
			{
				$FormError[$i]=_NO_RIGHT_FOR_EDITE_;
				$i++;
				$showForm=0;
				echo"<meta http-equiv='refresh' content='2;url=/admin.php?amk=".$amk."'>";
			}

			if (!isset($urcode) || $urcode=='' || !is_numeric($urcode))
			{
				$FormError[$i]=_NO_RIGHT_CODE_;
				$i++;
			}else
				$urcode=trim($urcode);

			for($lid=0; $lid<count($avialable_langs); $lid++)
			{
				$lvalueCheck='lvalue_'.$avialable_langs[$lid];

				if (!isset($_POST[$lvalueCheck]) || $_POST[$lvalueCheck]=='')
				{
					$FormError[$i]=_NO_RIGHT_NAME_.' <b>'._FOR_.'</b> '._LANGA_.': '.$avialable_langs_desc[$lid].'<b>!</b>';
					$i++;
				}
			}

			if (empty($FormError))
			{
				if ($act==1)
				{
					$rtitle=SetTitleForLang('users');
					$queryRight="INSERT INTO ".$PortalPref."right
						(
							right_id,
							right_value,
							right_title
						)VALUES
						(
							NULL,
							'".$urcode."',
							'".$rtitle."'
						)";

				}elseif($act==2)
				{
					$queryRight="UPDATE ".$PortalPref."right
					SET
						right_value='".$urcode."'
					WHERE
						right_id='".$rid."'
					";

					$nextStep=true;
				}

				if (mysql_query($queryRight))
				{
					if ($act==1)
					{
                    	for ($li=0; $li<count($avialable_langs); $li++)
						{
							$LValue='lvalue_'.$avialable_langs[$li];
							$value=trim($$LValue);

							mysql_query("INSERT INTO ".$PortalPref."langs_".$avialable_langs[$li]."
							(
								lang_id,
								lang_module,
								lang_param,
								lang_value
							)VALUES
							(
								NULL,
								'portal',
								'".$rtitle."',
								'".$value."'
							)");
						}
						$nextStep=true;
					}

					if($act==2)
					{
						for($i=0; $i<count($avialable_langs); $i++)
						{
							$LValue='lvalue_'.$avialable_langs[$i];
							$value=trim($$LValue);
							mysql_query("UPDATE ".$PortalPref."langs_".$avialable_langs[$i]." SET lang_value='".$value."' WHERE lang_param='".$r_title."'");
						}
					}

					if($nextStep)
					{
						$showForm=0;
						print '<p align="center">'._OPERATION_SUCCESS_.'</p>';
						echo"<meta http-equiv='refresh' content='0;url=/admin.php?amk=".$amk."&apk=rights'>";
					}
				}else
				{
					$FormError[$i]=_BAD_SQL_;
					$i++;
				}
			}
		}
	}
}elseif(isset($act) && $act==3)
{
	$ActionUrl=2;  $ActionButton=_EDITE_;
	$queryRightSelect=mysql_query("SELECT * FROM ".$PortalPref."right WHERE right_id='".$rid."'");
	if (isset($ref) && $ref!='' && !is_numeric($ref))
		$addToRef='&apk='.$ref;
	else
		$addToRef='';
	if (mysql_num_rows($queryRightSelect)!=1)
	{
		$FormError[$i]=_NO_RIGHT_FOR_EDITE_;
		$i++;
		$showForm=0;
		echo"<meta http-equiv='refresh' content='2;url=/admin.php?amk=".$amk.$addToRef."'>";

	}else
	{
		while($resultRightSelect=mysql_fetch_assoc($queryRightSelect))
		{
			$urcode=$resultRightSelect['right_value'];
			$lvid=$resultRightSelect['right_title'];
			$r_title=$lvid;
  		}
		$midActionUrl='&rid='.$rid;

		$count=count($avialable_langs);
		for($li=0; $li<$count; $li++)
		{
			$available_langs1[$li]=$avialable_langs[$li].".lang_value AS lvalue_".$avialable_langs[$li];
			$available_langs2[$li]=$PortalPref."langs_".$avialable_langs[$li]." ".$avialable_langs[$li];
			$available_langs3[$li]=$avialable_langs[$li].".lang_param='".$lvid."'";
    	}

		$valueArray = implode(",", $available_langs1);
		$tableArray= implode(",", $available_langs2);
		$WhereArray= implode(" AND ", $available_langs3);

		$queryLangValueSelect=mysql_query("SELECT ".$option['default_lang'].".lang_module, ".$valueArray." FROM ".$tableArray." WHERE ".$WhereArray." AND ".$option['default_lang'].".lang_module='portal'");

		if (mysql_num_rows($queryLangValueSelect)!=1)
		{
			$FormError[$i]=_NO_RIGHT_TITLE_FOR_EDITE_;
			$i++;
			$showForm=0;
			echo"<meta http-equiv='refresh' content='2;url=/admin.php?amk=".$amk.$addToRef."'>";
		}else
		{
			while($resultLangValueSelect=mysql_fetch_assoc($queryLangValueSelect))
			{
				extract($resultLangValueSelect);
				$lparam=$lvid;
			}
		}
	}
}else
{
	$ActionUrl=1;  $ActionButton=_ADDNEW_;
}

print '<p>';
getErrorList($FormError);
print '</p>';

if ($showForm==1)
{
	print '<form method="post" name="ModuleFrm" action="'.$portal_url.'/admin.php?amk='.$amk.'&apk='.$apk.'&act='.$ActionUrl.''.$midActionUrl.'">
		<table width="80%" align="center">
			<tr>
				<td>'._USER_RIGHTS_CODE_.'</td>
				<td><input type="text" name="urcode" value="'.$urcode.'"></td>
			</tr>
			<tr>
				<td>'._USER_RIGTHS_NAME_.'</td>
				<td>';
					print GetLangsSelector($avialable_langs, $avialable_langs_desc);
					for ($li=0; $li<count($avialable_langs); $li++)
					{
						$valueVarName='lvalue_'.$avialable_langs[$li];
                        if ($li>0)
							$classAdd='hidden';
						else
							$classAdd='';
						print '<div class="tabLangEdite '.$classAdd.'" id="area_'.$avialable_langs[$li].'"><input type="text" name="lvalue_'.$avialable_langs[$li].'" value="'.$$valueVarName.'"></div>';
					}
					if ($ActionUrl==2)
						print '<input type="hidden" name="r_title" value="'.$r_title.'">';
				print '</td>
			</tr>
			<tr>
				<td colspan="2"><input type="submit" value="'.$ActionButton.'"></td>
			</tr>
		</table>
	</form>';
}


?>